M2M Cellular Gateway
Configuration Path
Browse
Command Button
Configuration Path
Command Button
Scenario Operation Procedure (same as the one described in "My Certificates" section)
In above diagram, the "Gateway 1" is the gateway of Network‐A in headquarters and
the subnet of its Intranet is 10.0.76.0/24. It has the IP address of 10.0.76.2 for LAN
interface and 203.95.80.22 for WAN‐1 interface. The "Gateway 2" is the gateway of
Network‐B in branch office and the subnet of its Intranet is 10.0.75.0/24. It has the IP
address of 10.0.75.2 for LAN interface and 118.18.81.33 for WAN‐1 interface. They both
serve as the NAT security gateways.
Gateway 1 generates the root CA and a local certificate (HQCRT) that is signed by itself.
Import the certificates of the root CA and HQCRT into the "Trusted CA Certificate List"
and "Trusted Client Certificate List" of Gateway 2.
Gateway 2 generates a Certificate Signing Request (BranchCSR) for its own certificate
BranchCRT to be signed by root CA (Please generate one not self‐signed certificate in
the Gateway 2, and click on the "View" button for that CSR. Just downloads it). Take the
CSR to be signed by the root CA of the Gateway 1 and obtain the BranchCRT certificate
(you need rename it). Import the certificate into the "Trusted Client Certificate List" of
the Gateway 1 and the "Local Certificate List" of the Gateway 2.
Gateway 2 can establish an IPSec VPN tunnel with "Site to Site" scenario and IKE and
X.509 protocols to Gateway 1.
Finally, the client hosts in two subnets of 10.0.75.0/24 and 10.0.76.0/24 can
communicate with each other.
The Issued Certificates setting allows user to import Certificate Signing Request (CSR) to be signed
by root CA.
Index skipping is used to reserve slots for new function insertion, when required.
[Issue Certificates]‐[Certificate Signing Request Import from a File]
C:/BranchCSR
Sign
[Issue Certificates]‐[Signed Certificate View]
Download (default name is "issued.crt")
295